4 Answers
4

The size of a RSA key is expressed in bits, not bytes. 2048 bits are 256 bytes.

A bare-bone RSA private key consists in two integers, the modulus (a big composite integer, its length in bits is the "RSA key length") and the private exponent (another big integer, which normally has the same size than the modulus). However, the modulus and the private exponent have a bit of internal structure, and knowing details about that structure allows for faster implementations (by a factor of about 4). Hence, RSA private keys usually include some more data.

Namely, if the modulus is n and is the product of two prime numbers p and q, then the private key includes:

the modulus n (256 bytes for a 2048-bit key)

the public exponent e (small, often 65537, i.e. can be encoded over 3 or 4 bytes)

the private exponent d (about 256 bytes)

the factors p and q (128 bytes each)

d reduced modulo p-1 (128 bytes)

d reduced modulo q-1 (128 bytes)

1/q mod p (the inverse of q modulo p; 128 bytes)

for a grand total of about 1160 bytes. Then there is a bit of overhead for the encoding, because all those integers could have lengths slightly different (for instance, nothing really requires that p and q have the exact same size; also, e could be greater than that). The standard structure uses ASN.1, which implies a few extra bytes here and there. It is also common to wrap the structure into a bigger structure which also identifies the key as being a key for RSA. 1232 bytes is compatible with a 2048-bit RSA key encoded in PKCS#8 format.

Other than the required values (of which the modulus is one, as @sarnold points out) and the fact that you are quite literally comparing bits and bytes, some implementations also compute a few other values up front and store them along with the key, as an optimization. For example, I am not certain but I believe I read that some implementations store the product (p-1)(q-1) (recall that the modulus n is actually the product pq, where p and q are prime).

Don't forget that 2048 is the length of the modulus in bits, but your measurement of the private key is in bytes. The private key is the modulus and the multiplicative inverse of the public exponent, and depending upon the toolkit you're using, it might also store your CN, DN, (for x509 keys) or subkeys (for GPG keys), so just comparing sizes may not be useful.